Installing SSL Certification on Apache Webserver This tutorial will guide you through installing an SSL certificate on an Apache webserver. We assume that your VPS server is already set up with Apache. Requirements Before proceeding, ensure that your SSL certificate is correctly issued. If you obtained your certificate from VPS Sell, follow their instructions on ordering and issuance: How to Order SSL Certificate and Get it Issued . For storing the certificate on the server, we will use the default folder /etc/ssl/ . Installation Steps Upload the Certificate Files Upload the following certificate files to the /etc/ssl/ folder: domain.tld.crt (Certificate) domain.tld.key (Private Key) domain.tld.ca-bundle (Certification Authority (CA)) Note: If you ordered a certificate from VPS Sell, you can find the Certificate and CA files in the Clients area page . The Private Key is provided when you generate the CSR. If you did not order from VPS Sell, contact your SSL certificate issuer to obtain these files. Configure Apache for SSL Edit the default Apache SSL configuration file: sudo nano /etc/apache2/sites-available/default-ssl.conf Add a line for ServerName under <VirtualHost _default_:443> if it doesn't already exist: ServerName domain.tld if(window.hljsLoader && !document.currentScript.parentNode.hasAttribute('data-s9e-livepreview-onupdate')) { window.hljsLoader.highlightBlocks(document.currentScript.parentNode); } Edit the file paths to your uploaded certificate files: SSLCertificateFile /etc/ssl/domain.tld.crt if(window.hljsLoader && !document.currentScript.parentNode.hasAttribute('data-s9e-livepreview-onupdate')) { window.hljsLoader.highlightBlocks(document.currentScript.parentNode); } SSLCertificateKeyFile /etc/ssl/domain.tld.key if(window.hljsLoader && !document.currentScript.parentNode.hasAttribute('data-s9e-livepreview-onupdate')) { window.hljsLoader.highlightBlocks(document.currentScript.parentNode); } SSLCertificateChainFile /etc/ssl/domain.tld.ca-bundle if(window.hljsLoader && !document.currentScript.parentNode.hasAttribute('data-s9e-livepreview-onupdate')) { window.hljsLoader.highlightBlocks(document.currentScript.parentNode); } Note: Adjust the file paths if you store the certificates in a different location. Enable SSL Module and Configuration Enable the SSL module for Apache: sudo a2enmod ssl Enable the edited SSL configuration file: sudo a2ensite default-ssl Restart Apache Restart the Apache service to apply the changes: sudo systemctl restart apache2 Your SSL certificate is now installed. Generating a CSR via Command Line You can generate a CSR using the following command: openssl req -new -newkey rsa:2048 -nodes -keyout domain.tld.key -out domain.tld.csr Fill in the CSR details as prompted: Country Name (2 letter code) [XX]: LT if(window.hljsLoader && !document.currentScript.parentNode.hasAttribute('data-s9e-livepreview-onupdate')) { window.hljsLoader.highlightBlocks(document.currentScript.parentNode); } State or Province Name (full name) []: Lietuva if(window.hljsLoader && !document.currentScript.parentNode.hasAttribute('data-s9e-livepreview-onupdate')) { window.hljsLoader.highlightBlocks(document.currentScript.parentNode); } Locality Name (eg, city) [Default City]: Vilnius if(window.hljsLoader && !document.currentScript.parentNode.hasAttribute('data-s9e-livepreview-onupdate')) { window.hljsLoader.highlightBlocks(document.currentScript.parentNode); } Organization Name (eg, company) [Default Company Ltd]: [Your company name or your name] if(window.hljsLoader && !document.currentScript.parentNode.hasAttribute('data-s9e-livepreview-onupdate')) { window.hljsLoader.highlightBlocks(document.currentScript.parentNode); } Organizational Unit Name (eg, section) []: IT if(window.hljsLoader && !document.currentScript.parentNode.hasAttribute('data-s9e-livepreview-onupdate')) { window.hljsLoader.highlightBlocks(document.currentScript.parentNode); } Common Name (eg, your name or your server's hostname) []: domain.tld if(window.hljsLoader && !document.currentScript.parentNode.hasAttribute('data-s9e-livepreview-onupdate')) { window.hljsLoader.highlightBlocks(document.currentScript.parentNode); } Email Address []: email@address.com if(window.hljsLoader && !document.currentScript.parentNode.hasAttribute('data-s9e-livepreview-onupdate')) { window.hljsLoader.highlightBlocks(document.currentScript.parentNode); } A challenge password []: [press ENTER] if(window.hljsLoader && !document.currentScript.parentNode.hasAttribute('data-s9e-livepreview-onupdate')) { window.hljsLoader.highlightBlocks(document.currentScript.parentNode); } An optional company name []: [press ENTER] if(window.hljsLoader && !document.currentScript.parentNode.hasAttribute('data-s9e-livepreview-onupdate')) { window.hljsLoader.highlightBlocks(document.currentScript.parentNode); } Your CSR is ready to be submitted to the certificate issuer, and the Private Key file is generated for SSL installation.

[Apache] Installing SSL Certificate to VPS

Freya VPS Hosting Team

Installing SSL Certification on Apache Webserver

This tutorial will guide you through installing an SSL certificate on an Apache webserver. We assume that your VPS server is already set up with Apache.

Requirements

Before proceeding, ensure that your SSL certificate is correctly issued. If you obtained your certificate from VPS Sell, follow their instructions on ordering and issuance: How to Order SSL Certificate and Get it Issued.

For storing the certificate on the server, we will use the default folder /etc/ssl/.

Installation Steps

Upload the Certificate Files

Upload the following certificate files to the /etc/ssl/ folder:
- domain.tld.crt (Certificate)
- domain.tld.key (Private Key)
- domain.tld.ca-bundle (Certification Authority (CA))
  
  Note: If you ordered a certificate from VPS Sell, you can find the Certificate and CA files in the Clients area page. The Private Key is provided when you generate the CSR. If you did not order from VPS Sell, contact your SSL certificate issuer to obtain these files.
Configure Apache for SSL

Edit the default Apache SSL configuration file:

sudo nano /etc/apache2/sites-available/default-ssl.conf

Add a line for ServerName under <VirtualHost _default_:443> if it doesn't already exist:

   ServerName domain.tld

Edit the file paths to your uploaded certificate files:

   SSLCertificateFile /etc/ssl/domain.tld.crt

   SSLCertificateKeyFile /etc/ssl/domain.tld.key

   SSLCertificateChainFile /etc/ssl/domain.tld.ca-bundle

Note: Adjust the file paths if you store the certificates in a different location.

Enable SSL Module and Configuration

Enable the SSL module for Apache:

sudo a2enmod ssl

Enable the edited SSL configuration file:

sudo a2ensite default-ssl

Restart Apache

Restart the Apache service to apply the changes:

sudo systemctl restart apache2

Your SSL certificate is now installed.

Generating a CSR via Command Line

You can generate a CSR using the following command:

openssl req -new -newkey rsa:2048 -nodes -keyout domain.tld.key -out domain.tld.csr

Fill in the CSR details as prompted:

Country Name (2 letter code) [XX]: LT

State or Province Name (full name) []: Lietuva

Locality Name (eg, city) [Default City]: Vilnius

Organization Name (eg, company) [Default Company Ltd]: [Your company name or your name]

Organizational Unit Name (eg, section) []: IT

Common Name (eg, your name or your server's hostname) []: domain.tld

Email Address []: email@address.com

A challenge password []: [press ENTER]

An optional company name []: [press ENTER]

Your CSR is ready to be submitted to the certificate issuer, and the Private Key file is generated for SSL installation.